Store a copy of Association Request RSNXE in AP mode for later use
This is needed to be able to compare the received RSNXE to a protected version in EAPOL-Key msg 2/4. Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
parent
6d6c887751
commit
d3516cad7a
9 changed files with 31 additions and 4 deletions
|
@ -319,6 +319,8 @@ int hostapd_notif_assoc(struct hostapd_data *hapd, const u8 *addr,
|
|||
res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
|
||||
hapd->iface->freq,
|
||||
ie, ielen,
|
||||
elems.rsnxe ? elems.rsnxe - 2 : NULL,
|
||||
elems.rsnxe ? elems.rsnxe_len + 2 : 0,
|
||||
elems.mdie, elems.mdie_len,
|
||||
elems.owe_dh, elems.owe_dh_len);
|
||||
if (res != WPA_IE_OK) {
|
||||
|
|
|
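Review bot: The `elems.rsnxe - 2` / `elems.rsnxe_len + 2` arguments added to the wpa_validate_wpa_ie() call in hostapd_notif_assoc() are undocumented pointer arithmetic, and the same expression is repeated in handle_auth_fils() and check_assoc_ies(). It appears to step back over the element ID and length octets so the whole element is stored, which is only valid if the parser's `rsnxe` pointer always sits two octets into the original frame buffer. A short comment above the arguments would make that contract explicit, e.g. `/* Pass the full RSNXE including its 2-octet header; a copy is kept for the EAPOL-Key msg 2/4 comparison */`. The function body continues outside the hunk.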
@ -1654,6 +1654,8 @@ void handle_auth_fils(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
|
||||
hapd->iface->freq,
|
||||
elems.rsn_ie - 2, elems.rsn_ie_len + 2,
|
||||
elems.rsnxe ? elems.rsnxe - 2 : NULL,
|
||||
elems.rsnxe ? elems.rsnxe_len + 2 : 0,
|
||||
elems.mdie, elems.mdie_len, NULL, 0);
|
||||
resp = wpa_res_to_status_code(res);
|
||||
if (resp != WLAN_STATUS_SUCCESS)
|
||||
|
@ -2965,7 +2967,7 @@ u16 owe_process_rsn_ie(struct hostapd_data *hapd,
|
|||
rsn_ie_len += 2;
|
||||
res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
|
||||
hapd->iface->freq, rsn_ie, rsn_ie_len,
|
||||
NULL, 0, owe_dh, owe_dh_len);
|
||||
NULL, 0, NULL, 0, owe_dh, owe_dh_len);
|
||||
status = wpa_res_to_status_code(res);
|
||||
if (status != WLAN_STATUS_SUCCESS)
|
||||
goto end;
|
||||
|
@ -3173,6 +3175,8 @@ static u16 check_assoc_ies(struct hostapd_data *hapd, struct sta_info *sta,
|
|||
res = wpa_validate_wpa_ie(hapd->wpa_auth, sta->wpa_sm,
|
||||
hapd->iface->freq,
|
||||
wpa_ie, wpa_ie_len,
|
||||
elems.rsnxe ? elems.rsnxe - 2 : NULL,
|
||||
elems.rsnxe ? elems.rsnxe_len + 2 : 0,
|
||||
elems.mdie, elems.mdie_len,
|
||||
elems.owe_dh, elems.owe_dh_len);
|
||||
resp = wpa_res_to_status_code(res);
|
||||
|
|
|
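Review bot: owe_process_rsn_ie() passes `NULL, 0` for the new RSNXE arguments, so the else branch added to wpa_validate_wpa_ie() frees any stored copy and leaves `sm->rsnxe` NULL for stations handled on this path. If such a station can include an RSNXE in its Association Request, the later comparison against EAPOL-Key msg 2/4 would have nothing to compare with; whether that can happen is not visible from this hunk. Either forward the element here or add a comment such as `/* RSNXE not available in this path; no copy is stored */` so the omission reads as deliberate. The function body continues outside the hunk.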
@ -708,6 +708,7 @@ static void wpa_free_sta_sm(struct wpa_state_machine *sm)
|
|||
#endif /* CONFIG_IEEE80211R_AP */
|
||||
os_free(sm->last_rx_eapol_key);
|
||||
os_free(sm->wpa_ie);
|
||||
os_free(sm->rsnxe);
|
||||
wpa_group_put(sm->wpa_auth, sm->group);
|
||||
#ifdef CONFIG_DPP2
|
||||
wpabuf_clear_free(sm->dpp_z);
|
||||
|
|
|
@ -319,6 +319,7 @@ enum {
|
|||
int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
||||
struct wpa_state_machine *sm, int freq,
|
||||
const u8 *wpa_ie, size_t wpa_ie_len,
|
||||
const u8 *rsnxe, size_t rsnxe_len,
|
||||
const u8 *mdie, size_t mdie_len,
|
||||
const u8 *owe_dh, size_t owe_dh_len);
|
||||
int wpa_validate_osen(struct wpa_authenticator *wpa_auth,
|
||||
|
|
|
@ -102,6 +102,8 @@ struct wpa_state_machine {
|
|||
|
||||
u8 *wpa_ie;
|
||||
size_t wpa_ie_len;
|
||||
u8 *rsnxe;
|
||||
size_t rsnxe_len;
|
||||
|
||||
enum {
|
||||
WPA_VERSION_NO_WPA = 0 /* WPA not used */,
|
||||
|
|
|
@ -549,6 +549,7 @@ static int wpa_auth_okc_iter(struct wpa_authenticator *a, void *ctx)
|
|||
int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
||||
struct wpa_state_machine *sm, int freq,
|
||||
const u8 *wpa_ie, size_t wpa_ie_len,
|
||||
const u8 *rsnxe, size_t rsnxe_len,
|
||||
const u8 *mdie, size_t mdie_len,
|
||||
const u8 *owe_dh, size_t owe_dh_len)
|
||||
{
|
||||
|
@ -952,6 +953,21 @@ int wpa_validate_wpa_ie(struct wpa_authenticator *wpa_auth,
|
|||
os_memcpy(sm->wpa_ie, wpa_ie, wpa_ie_len);
|
||||
sm->wpa_ie_len = wpa_ie_len;
|
||||
|
||||
if (rsnxe && rsnxe_len) {
|
||||
if (!sm->rsnxe || sm->rsnxe_len < rsnxe_len) {
|
||||
os_free(sm->rsnxe);
|
||||
sm->rsnxe = os_malloc(rsnxe_len);
|
||||
if (!sm->rsnxe)
|
||||
return WPA_ALLOC_FAIL;
|
||||
}
|
||||
os_memcpy(sm->rsnxe, rsnxe, rsnxe_len);
|
||||
sm->rsnxe_len = rsnxe_len;
|
||||
} else {
|
||||
os_free(sm->rsnxe);
|
||||
sm->rsnxe = NULL;
|
||||
sm->rsnxe_len = 0;
|
||||
}
|
||||
|
||||
return WPA_IE_OK;
|
||||
}
|
||||
|
||||
|
|
|
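Review bot: On the allocation-failure path in the new RSNXE block, `sm->rsnxe` has been freed and is NULL while `sm->rsnxe_len` still holds the previous length, so the state machine keeps a NULL pointer paired with a non-zero length. Any later reader that trusts `rsnxe_len` without checking the pointer would dereference NULL or compare against stale bounds. Resetting the length before returning keeps the pair consistent: `if (!sm->rsnxe) { sm->rsnxe_len = 0; return WPA_ALLOC_FAIL; }`. `sm->wpa_ie` has already been overwritten by this point, so the failure leaves the state machine partially updated; this presumably relies on callers rejecting the association on WPA_ALLOC_FAIL. The function starts outside this hunk.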
@ -261,7 +261,8 @@ static int auth_init(struct wpa *wpa)
|
|||
}
|
||||
|
||||
if (wpa_validate_wpa_ie(wpa->auth_group, wpa->auth, 2412, supp_ie,
|
||||
supp_ie_len, NULL, 0, NULL, 0) != WPA_IE_OK) {
|
||||
supp_ie_len, NULL, 0, NULL, 0, NULL, 0) !=
|
||||
WPA_IE_OK) {
|
||||
wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed");
|
||||
return -1;
|
||||
}
|
||||
|
|
|
@ -504,7 +504,7 @@ static int auth_init(struct wpa *wpa)
|
|||
}
|
||||
|
||||
if (wpa_validate_wpa_ie(wpa->auth_group, wpa->auth, 2412, wpa->supp_ie,
|
||||
wpa->supp_ie_len, NULL, 0, NULL, 0) !=
|
||||
wpa->supp_ie_len, NULL, 0, NULL, 0, NULL, 0) !=
|
||||
WPA_IE_OK) {
|
||||
wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed");
|
||||
return -1;
|
||||
|
|
|
@ -465,7 +465,7 @@ static int ibss_rsn_auth_init(struct ibss_rsn *ibss_rsn,
|
|||
"\x00\x0f\xac\x04"
|
||||
"\x01\x00\x00\x0f\xac\x04"
|
||||
"\x01\x00\x00\x0f\xac\x02"
|
||||
"\x00\x00", 22, NULL, 0, NULL, 0) !=
|
||||
"\x00\x00", 22, NULL, 0, NULL, 0, NULL, 0) !=
|
||||
WPA_IE_OK) {
|
||||
wpa_printf(MSG_DEBUG, "AUTH: wpa_validate_wpa_ie() failed");
|
||||
return -1;
|
||||
|
|